| 1f4cd38 | Copybara-Service | 17 April 2024, 10:22:21 UTC | Merge pull request #735 from tink-crypto:dependabot/pip/python/examples/idna-3.7 PiperOrigin-RevId: 625622842 | 17 April 2024, 10:22:21 UTC |
| d847e39 | ioannanedelcu | 17 April 2024, 08:30:49 UTC | Add proto parser and serializer for SLH-DSA private key. PiperOrigin-RevId: 625599407 | 17 April 2024, 08:31:49 UTC |
| 1798b7c | wconner | 16 April 2024, 22:14:55 UTC | Add JWT Signature parameters and key types. PiperOrigin-RevId: 625468585 | 16 April 2024, 22:16:19 UTC |
| 9325851 | ioannanedelcu | 16 April 2024, 17:02:11 UTC | Add proto parser and serializer for SLH-DSA public key. PiperOrigin-RevId: 625367596 | 16 April 2024, 17:03:42 UTC |
| 3e4e908 | ioannanedelcu | 16 April 2024, 16:58:00 UTC | Add proto parser and serializer for SLH-DSA parameters. PiperOrigin-RevId: 625366253 | 16 April 2024, 17:00:09 UTC |
| f3c76e1 | juerg | 16 April 2024, 15:20:23 UTC | Add Benchmark tests for MAC in Golang. It tests computeMAC and verifyMAC for different key types and input length. Output: cpu: AMD EPYC 7B12 BenchmarkComputeMac/HMAC_SHA256_16-8 450417 2641 ns/op 552 B/op 6 allocs/op BenchmarkComputeMac/HMAC_SHA512_16-8 348763 3637 ns/op 816 B/op 6 allocs/op BenchmarkComputeMac/AES_CMAC_16-8 5366028 224.6 ns/op 72 B/op 4 allocs/op BenchmarkComputeMac/HMAC_SHA256_16k-8 29568 40542 ns/op 552 B/op 6 allocs/op BenchmarkComputeMac/HMAC_SHA512_16k-8 35130 34828 ns/op 816 B/op 6 allocs/op BenchmarkComputeMac/AES_CMAC_16k-8 18364 66723 ns/op 72 B/op 4 allocs/op BenchmarkVerifyMac/HMAC_SHA256_16-8 452025 2618 ns/op 528 B/op 5 allocs/op BenchmarkVerifyMac/HMAC_SHA512_16-8 366612 3376 ns/op 768 B/op 5 allocs/op BenchmarkVerifyMac/AES_CMAC_16-8 5455062 220.1 ns/op 48 B/op 3 allocs/op BenchmarkVerifyMac/HMAC_SHA256_16k-8 29738 40823 ns/op 528 B/op 5 allocs/op BenchmarkVerifyMac/HMAC_SHA512_16k-8 35286 35049 ns/op 768 B/op 5 allocs/op BenchmarkVerifyMac/AES_CMAC_16k-8 17973 66508 ns/op 48 B/op 3 allocs/op PiperOrigin-RevId: 625337887 | 16 April 2024, 15:21:41 UTC |
| 92dcf00 | ambrosin | 16 April 2024, 14:07:27 UTC | Increase the number of recursions to 1500 to test recursion limits for JSON This is needed because 3.12 increased the C recursion limit to 1500 (https://github.com/python/cpython/pull/107618). PiperOrigin-RevId: 625319033 | 16 April 2024, 14:08:39 UTC |
| a5a996a | ioannanedelcu | 16 April 2024, 13:16:22 UTC | Add SLH-DSA private key object. PiperOrigin-RevId: 625306982 | 16 April 2024, 13:18:03 UTC |
| 131b96f | juerg | 16 April 2024, 11:14:28 UTC | Add Benchmark tests for Deterministic AEAD in Golang. It tests encrypting and decrypting 16k data. Output: cpu: AMD EPYC 7B12 BenchmarkAESSIV/AES256_SIV-8 6500 176030 ns/op 54657 B/op 23 allocs/op PiperOrigin-RevId: 625278908 | 16 April 2024, 11:16:04 UTC |
| 36a5643 | wconner | 15 April 2024, 22:05:00 UTC | Add JWT HMAC proto key serialization. PiperOrigin-RevId: 625095823 | 15 April 2024, 22:06:17 UTC |
| 5c6da06 | wconner | 15 April 2024, 15:42:03 UTC | Add JWT HMAC proto parameters serialization. PiperOrigin-RevId: 624972785 | 15 April 2024, 15:43:30 UTC |
| b8f7f7c | tholenst | 15 April 2024, 11:13:04 UTC | Remove tests which create undefined behavior. PiperOrigin-RevId: 624909243 | 15 April 2024, 11:14:33 UTC |
| 735315f | wiktorg | 15 April 2024, 08:58:22 UTC | Internal change PiperOrigin-RevId: 624877734 | 15 April 2024, 08:59:53 UTC |
| 3db8cd9 | wconner | 12 April 2024, 14:39:46 UTC | Add C++ JWT HMAC key type. PiperOrigin-RevId: 624174566 | 12 April 2024, 14:40:58 UTC |
| 52ab085 | ioannanedelcu | 12 April 2024, 11:36:19 UTC | Add public key class for SLH-DSA key types. PiperOrigin-RevId: 624132197 | 12 April 2024, 11:37:28 UTC |
| 71e5aaa | Tink Team | 12 April 2024, 09:40:57 UTC | Automated Code Change PiperOrigin-RevId: 624104784 | 12 April 2024, 09:42:05 UTC |
| cd6dd31 | Tink Team | 12 April 2024, 09:18:59 UTC | Add `load()` statements for the Bazel builtin top-level java symbols Loads are being added in preparation for moving the symbols out of Bazel and into `rules_java`. PiperOrigin-RevId: 624099664 | 12 April 2024, 09:20:20 UTC |
| bd0cc8c | juerg | 12 April 2024, 08:12:55 UTC | Add a new test case that merges two keyset with the same key ids. PiperOrigin-RevId: 624083482 | 12 April 2024, 08:14:24 UTC |
| aaaa1d9 | dependabot[bot] | 12 April 2024, 01:42:13 UTC | Bump idna from 3.4 to 3.7 in /python/examples Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.7. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v3.4...v3.7) --- updated-dependencies: - dependency-name: idna dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> | 12 April 2024, 01:42:13 UTC |
| acecf22 | Tink Team | 11 April 2024, 21:00:24 UTC | Add unit tests for gcp_kms_aead PiperOrigin-RevId: 623932208 | 11 April 2024, 21:01:53 UTC |
| b44abbc | Tink Team | 11 April 2024, 20:57:51 UTC | Add integrity verification to Tink go gcp aead. PiperOrigin-RevId: 623931199 | 11 April 2024, 20:59:07 UTC |
| 7126e2a | wiktorg | 11 April 2024, 11:05:10 UTC | Add stringops using core dump protections PiperOrigin-RevId: 623778676 | 11 April 2024, 11:06:28 UTC |
| 0470cc5 | tholenst | 11 April 2024, 09:20:36 UTC | Remove tests which create undefined behavior. One cannot create such enums. PiperOrigin-RevId: 623756712 | 11 April 2024, 09:21:53 UTC |
| 976993d | juerg | 11 April 2024, 07:44:51 UTC | Use rapidjson::kParseIterativeFlag when parsing JSON keysets. This makes sure that the stack size remains constant while parsing. PiperOrigin-RevId: 623736071 | 11 April 2024, 07:46:05 UTC |
| 05b3c50 | ckl | 10 April 2024, 22:14:03 UTC | Update primitives doc to point to DevSite for PRF. PiperOrigin-RevId: 623619570 | 10 April 2024, 22:15:15 UTC |
| a508e14 | ambrosin | 10 April 2024, 21:58:01 UTC | Fix `go_package` field in `aes_*` proto definitions PiperOrigin-RevId: 623614807 | 10 April 2024, 21:59:57 UTC |
| 3fbe593 | ckl | 10 April 2024, 18:10:58 UTC | Clean up PRF commentary. PiperOrigin-RevId: 623549940 | 10 April 2024, 18:12:14 UTC |
| 77b8101 | ckl | 10 April 2024, 17:57:34 UTC | Clean up PRF commentary. PiperOrigin-RevId: 623545635 | 10 April 2024, 17:58:38 UTC |
| e58b269 | ckl | 10 April 2024, 17:25:05 UTC | Update godoc for the prf package. PiperOrigin-RevId: 623535827 | 10 April 2024, 17:26:20 UTC |
| df06e2c | wconner | 10 April 2024, 15:23:48 UTC | Add C++ JWT HMAC parameters. PiperOrigin-RevId: 623500888 | 10 April 2024, 15:25:33 UTC |
| 6c03385 | ioannanedelcu | 10 April 2024, 09:54:46 UTC | Add parameters for SLH-DSA signature algorithm. As mentioned in the dd, BoringSSL currently only supports SLH-DSA-SHA2-128s, so we only accept this parameter set as well for now. PiperOrigin-RevId: 623431431 | 10 April 2024, 09:56:28 UTC |
| e85778c | ambrosin | 10 April 2024, 09:27:10 UTC | Update README.md to communicate the repo is no longer maintained #730 PiperOrigin-RevId: 623426010 | 10 April 2024, 09:29:48 UTC |
| 62da0f3 | wiktorg | 10 April 2024, 07:45:44 UTC | Add CallWithCoreDumpProtection to AES CMAC PiperOrigin-RevId: 623403538 | 10 April 2024, 07:46:49 UTC |
| 59d6a2b | Tink Team | 10 April 2024, 05:44:27 UTC | Silence some pytype errors. PiperOrigin-RevId: 623381193 | 10 April 2024, 05:45:50 UTC |
| 93a1cca | wconner | 09 April 2024, 18:23:33 UTC | Add JWT MAC parameters and key type. PiperOrigin-RevId: 623228536 | 09 April 2024, 18:25:12 UTC |
| ac2db86 | juerg | 09 April 2024, 14:12:23 UTC | Update comment about template and remove obselete TODO. PiperOrigin-RevId: 623157373 | 09 April 2024, 14:13:52 UTC |
| 2d4259e | wconner | 09 April 2024, 12:38:39 UTC | Fix documentation for JwtMacKey#getKid(). PiperOrigin-RevId: 623137978 | 09 April 2024, 12:41:26 UTC |
| e0acca7 | ambrosin | 09 April 2024, 09:57:21 UTC | Make HcVaultAead public PiperOrigin-RevId: 623105952 | 09 April 2024, 09:58:37 UTC |
| e157783 | tholenst | 09 April 2024, 08:35:59 UTC | Allow SHA224 and SHA384 in C++ for PRFs. This makes C++ consistent with other languages. PiperOrigin-RevId: 623088207 | 09 April 2024, 08:37:36 UTC |
| 410c233 | ioannanedelcu | 08 April 2024, 20:39:29 UTC | Add a proto structure for the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA) PiperOrigin-RevId: 622938993 | 08 April 2024, 20:40:55 UTC |
| 5b5162b | Tink Team | 08 April 2024, 15:30:26 UTC | Add a raw KEM interface to Tink. This is a subtle interface, directly exposing the shared secret bytes. PiperOrigin-RevId: 622853743 | 08 April 2024, 15:31:38 UTC |
| 39ef4ac | juerg | 08 April 2024, 15:04:31 UTC | Fixed Bug in parsing invalid keysets that resulted in a TinkBugException. PiperOrigin-RevId: 622847234 | 08 April 2024, 15:05:53 UTC |
| bd17a7f | tholenst | 08 April 2024, 14:03:33 UTC | Cleanup and expand the StatefulHmacBoringSslTest. PiperOrigin-RevId: 622833282 | 08 April 2024, 14:04:57 UTC |
| eb6f3c9 | ambrosin | 05 April 2024, 20:59:30 UTC | Use the correct pyenv path in Kokoro macOS PiperOrigin-RevId: 622275210 | 05 April 2024, 21:01:29 UTC |
| 4738fc3 | ambrosin | 05 April 2024, 13:06:30 UTC | Upgrade default tink-cc dep to 2.1.2 PiperOrigin-RevId: 622157786 | 05 April 2024, 13:07:47 UTC |
| 965edf9 | ioannanedelcu | 05 April 2024, 10:56:21 UTC | Avoid unnecessary copies of RestrictedData in proto serialization (since it's less performant) and use const references instead. PiperOrigin-RevId: 622133044 | 05 April 2024, 10:57:38 UTC |
| 17b1ce9 | ambrosin | 05 April 2024, 08:55:14 UTC | Bump version to 2.1.2 PiperOrigin-RevId: 622108863 | 05 April 2024, 08:56:40 UTC |
| a954cf0 | ckl | 04 April 2024, 08:10:12 UTC | Use the EntriesInKeysetOrder field instead of building a local slice of all entries. PiperOrigin-RevId: 621771983 | 04 April 2024, 08:11:50 UTC |
| e16626b | ambrosin | 04 April 2024, 05:20:06 UTC | Use Python 3.8 in macOS continuous tests PiperOrigin-RevId: 621735359 | 04 April 2024, 05:21:28 UTC |
| da751cb | juerg | 03 April 2024, 19:31:59 UTC | Add more unit tests for Util.java. Also, fix some lint warnings. PiperOrigin-RevId: 621605961 | 03 April 2024, 19:33:27 UTC |
| 29fc855 | juerg | 03 April 2024, 15:59:52 UTC | Use OutputPrefixUtil in Legacy Primitives. PiperOrigin-RevId: 621539371 | 03 April 2024, 16:01:25 UTC |
| 5613f57 | ioannanedelcu | 03 April 2024, 13:56:04 UTC | Remove redundant comments regarding OSS string conversion. PiperOrigin-RevId: 621508890 | 03 April 2024, 13:57:29 UTC |
| c0c1296 | juerg | 03 April 2024, 13:28:59 UTC | Resolve old TODO for Bytes.intToByteArray and Bytes.byteArrayToInt. Add validation for capacity and length: - Reject capacity/length larger than 4 or smaller than 0. Such inputs give weird outputs that were not intended. - Reject negative values. - Reject if the value is too large for capacity. Also, add tests. PiperOrigin-RevId: 621503672 | 03 April 2024, 13:30:12 UTC |
| 7bd546a | ambrosin | 03 April 2024, 13:03:33 UTC | Rollback protobuf upgrade PiperOrigin-RevId: 621497993 | 03 April 2024, 13:04:41 UTC |
| 775a9e6 | Tink Team | 03 April 2024, 12:19:25 UTC | Add `load()` statements for the builtin Bazel java rules Loads are being added in preparation for moving the rules out of Bazel and into `rules_java`. PiperOrigin-RevId: 621489359 | 03 April 2024, 12:21:11 UTC |
| c7e4795 | juerg | 03 April 2024, 12:17:56 UTC | Validate that parsed string is a JSON Object. Without this, parsing may crash if the input is a valid JSON value, but not a JSON Object. PiperOrigin-RevId: 621489078 | 03 April 2024, 12:19:38 UTC |
| 6e5d0ea | Tink Team | 03 April 2024, 08:56:38 UTC | Automated Code Change PiperOrigin-RevId: 621446837 | 03 April 2024, 08:57:58 UTC |
| d7460c2 | ckl | 02 April 2024, 16:00:10 UTC | Remove trailing ASCII art from license headers. PiperOrigin-RevId: 621195332 | 02 April 2024, 16:01:24 UTC |
| 5fcc6a9 | ambrosin | 02 April 2024, 15:01:51 UTC | Bump urllib3 from 1.26.16 to 1.26.18 in /python COPYBARA_INTEGRATE_REVIEW=https://github.com/google/tink/pull/732 from tink-crypto:dependabot/pip/python/urllib3-1.26.18 c8dab7dd0f27f72cfa41d375b42afc0378981df5 PiperOrigin-RevId: 621174584 | 02 April 2024, 15:04:30 UTC |
| f28d315 | ambrosin | 02 April 2024, 15:01:38 UTC | Bump google.golang.org/protobuf from 1.30.0 to 1.33.0 in /go COPYBARA_INTEGRATE_REVIEW=https://github.com/google/tink/pull/733 from tink-crypto:dependabot/go_modules/go/google.golang.org/protobuf-1.33.0 556d865bfd4d063047380dc675efeac5c939382e PiperOrigin-RevId: 621174536 | 02 April 2024, 15:02:57 UTC |
| 9fa6df7 | juerg | 02 April 2024, 11:46:12 UTC | Remove EcdsaProtoTest.java. This test is not really needed. That this proto works is tested implicitly by other tests. PiperOrigin-RevId: 621133610 | 02 April 2024, 11:47:37 UTC |
| 86b6a21 | Tink Team | 02 April 2024, 07:27:39 UTC | Automated Code Change PiperOrigin-RevId: 621077529 | 02 April 2024, 07:28:49 UTC |
| 40510c4 | juerg | 28 March 2024, 20:49:44 UTC | Use parametrized tests in JwkSetConverterTest.java. Also, remove debugging output. PiperOrigin-RevId: 620046474 | 28 March 2024, 20:51:35 UTC |
| 0fdbac7 | juerg | 28 March 2024, 20:30:17 UTC | Add validation to HpkeUtil.intToByteArray. - The algorithm implementation used here doesn't work for capacity larger than 4, so we shouldn't allow this. - The algorithm definition, see https://www.rfc-editor.org/rfc/rfc3447.html#section-4.1, requires that 0 <= value < 256^capacity. And add unit tests. PiperOrigin-RevId: 620041132 | 28 March 2024, 20:32:08 UTC |
| 6f0527e | juerg | 26 March 2024, 17:03:58 UTC | Add TINK output prefix to LegacyKmsEnvelopeAeadKey. PiperOrigin-RevId: 619226820 | 26 March 2024, 17:05:26 UTC |
| 50bd2bc | juerg | 26 March 2024, 09:34:34 UTC | Simplify KmsEnvelopeAeadKeyManager.create. PiperOrigin-RevId: 619119161 | 26 March 2024, 09:35:50 UTC |
| 323eb28 | Tink Team | 26 March 2024, 08:18:45 UTC | Remove unused build dependency PiperOrigin-RevId: 619101876 | 26 March 2024, 08:20:04 UTC |
| 67ac23e | juerg | 26 March 2024, 08:01:23 UTC | Test error message from the release notes. PiperOrigin-RevId: 619097736 | 26 March 2024, 08:02:56 UTC |
| 2c7867a | juerg | 25 March 2024, 16:10:31 UTC | Also test signatures and JWT signatures in LateRegistrationTest. PiperOrigin-RevId: 618861360 | 25 March 2024, 16:12:00 UTC |
| 3e72fd7 | Tink Team | 25 March 2024, 11:54:38 UTC | Avoid copying `RestrictedData` objects during parsing. PiperOrigin-RevId: 618803899 | 25 March 2024, 11:55:52 UTC |
| 36f24af | juerg | 25 March 2024, 11:09:32 UTC | Use OutputPrefixUtil in keys to create the prefix. PiperOrigin-RevId: 618795733 | 25 March 2024, 11:10:34 UTC |
| b4ade8c | juerg | 25 March 2024, 09:33:14 UTC | Add TINK output prefix to KmsAeadKey. PiperOrigin-RevId: 618775859 | 25 March 2024, 09:34:39 UTC |
| d8c6c64 | juerg | 25 March 2024, 08:29:55 UTC | Remove TODO in ConfigurationV0. We've decided that Configurations in different languages may support slightly different set of algorithms. So there is no need for this Todo anymore. PiperOrigin-RevId: 618762732 | 25 March 2024, 08:31:24 UTC |
| 3eb497d | juerg | 25 March 2024, 07:52:11 UTC | Inline getFullPrimitiveOrNull, and pass exception. PiperOrigin-RevId: 618754808 | 25 March 2024, 07:53:30 UTC |
| 25cdeb9 | wconner | 22 March 2024, 15:36:02 UTC | Register ECIES proto serialization. PiperOrigin-RevId: 618187936 | 22 March 2024, 15:37:26 UTC |
| cce2bed | Tink Team | 21 March 2024, 16:52:25 UTC | Remove obsolete `output_to_genfiles = True`. PiperOrigin-RevId: 617875936 | 21 March 2024, 16:54:10 UTC |
| d0cbee5 | juerg | 21 March 2024, 16:32:39 UTC | Add tests where "register" is called late. This should work for non-JWT primitives. But it doesn't work for JWT. We check that the error message has a link to the relevant URL. PiperOrigin-RevId: 617869598 | 21 March 2024, 16:34:05 UTC |
| a833677 | juerg | 21 March 2024, 16:02:05 UTC | Add internal OutputPrefixUtil class. This will help us to remove some code duplication. PiperOrigin-RevId: 617860031 | 21 March 2024, 16:03:46 UTC |
| a812208 | wconner | 21 March 2024, 12:32:16 UTC | Update ECIES proto serialization. PiperOrigin-RevId: 617811982 | 21 March 2024, 12:33:27 UTC |
| 176159b | juerg | 20 March 2024, 20:17:54 UTC | Add another create function to LegacyFullAead. Also, simplify the implementation a bit, and add an additional check for the size of the output prefix. This will be needed to support TINK output prefix in LegacyKmsaAeadKey. PiperOrigin-RevId: 617606175 | 20 March 2024, 20:19:26 UTC |
| d297256 | tholenst | 20 March 2024, 16:29:17 UTC | Update the link to registration_errors. PiperOrigin-RevId: 617538189 | 20 March 2024, 16:30:52 UTC |
| 9af7e53 | lizatretyakova | 20 March 2024, 14:59:18 UTC | Introduce ConfigurationsV0. PiperOrigin-RevId: 617513667 | 20 March 2024, 15:00:49 UTC |
| 761677c | lizatretyakova | 20 March 2024, 14:07:26 UTC | Move ChaCha20Poly1305ProtoSerialization into internal/ and make it public for the use in test for future ConfigurationV0. PiperOrigin-RevId: 617501847 | 20 March 2024, 14:08:26 UTC |
| f6df6e0 | tholenst | 20 March 2024, 12:56:46 UTC | Change the JwtMac key manager to not work for creating primitives. This disables getPrimitive(JwtMac.class) for this key manager. This cannot work properly since the key manager doesn't have the ID when this is called. I *think* this should not change any behavior but it seems safer for sure. PiperOrigin-RevId: 617486683 | 20 March 2024, 12:58:25 UTC |
| bf518d1 | ambrosin | 19 March 2024, 14:01:14 UTC | Use Go 1.21 Go 1.22 was released, so 1.21 is now the oldest supported version. PiperOrigin-RevId: 617159143 | 19 March 2024, 14:02:35 UTC |
| 8d51f22 | juerg | 19 March 2024, 09:16:20 UTC | Don't export key from subtle primitives. Some primitives in tink-go subtle export a field "Key". This is not intentional, and should not be used. Using this might be a bug. So it is better to remove it directly. PiperOrigin-RevId: 617098822 | 19 March 2024, 09:17:19 UTC |
| cf800b6 | juerg | 19 March 2024, 07:53:20 UTC | Replace interface{} with any. "any" was introduced in go version 1.18. It is an alias of "interface{}": https://tip.golang.org/doc/go1.18 PiperOrigin-RevId: 617082326 | 19 March 2024, 07:55:06 UTC |
| ea6f5f9 | juerg | 18 March 2024, 15:23:08 UTC | Update golang github link for protos. PiperOrigin-RevId: 616834349 | 18 March 2024, 15:24:10 UTC |
| 95e12f9 | juerg | 18 March 2024, 13:55:20 UTC | Test that NewKeyData returns an object for which registry.PrimitiveFromKeyData returns the expected primitive. PiperOrigin-RevId: 616813710 | 18 March 2024, 13:56:36 UTC |
| 1e5f815 | juerg | 18 March 2024, 09:30:15 UTC | Remove deprecation annotation for KMS client registration. There are some valid use-cases for which we currently don't have a replacement. So it is better to wait with deprecation until we have a replacement. Also, update the documentation for these functions. PiperOrigin-RevId: 616759308 | 18 March 2024, 09:32:22 UTC |
| b1b47fa | metemad | 15 March 2024, 16:45:35 UTC | feat: Support the Cloud KMS AsymmetricSign feature. PiperOrigin-RevId: 616158966 | 15 March 2024, 16:46:57 UTC |
| 01b6a0c | Tink Team | 15 March 2024, 09:45:12 UTC | Automated Code Change PiperOrigin-RevId: 616063986 | 15 March 2024, 09:46:24 UTC |
| 4aed36b | ckl | 15 March 2024, 09:24:39 UTC | Remove key material from error messages. PiperOrigin-RevId: 616060223 | 15 March 2024, 09:25:48 UTC |
| 03b6a6f | juerg | 15 March 2024, 08:27:02 UTC | Refactor hmac_key_manager_test. - inline validateHMACPrimitive and validateHMACKey. - The test for getPrimitive should not test that the primitive is a subtleMac.HMAC. - instead of creating a subtle MAC primitive in validateHMACKey, it is better to use the registry to get the primitive from keyData. - in NewKey, we can remove the test for creating a primitive, because it is indirectly tested with NewKeyData. PiperOrigin-RevId: 616048412 | 15 March 2024, 08:29:06 UTC |
| 3619fe8 | juerg | 14 March 2024, 15:33:43 UTC | Don't use randbytes. This is not supported in older Python version. PiperOrigin-RevId: 615789200 | 14 March 2024, 15:35:14 UTC |
| ac63fc7 | juerg | 14 March 2024, 14:35:15 UTC | Let hcvault integration tests in Python use correct base64 encoding. PiperOrigin-RevId: 615772708 | 14 March 2024, 14:37:14 UTC |
| 8cc6d59 | juerg | 14 March 2024, 09:34:07 UTC | Use normal base64 encoding, and not URL safe. Also, use a random plaintext, that will also test this. PiperOrigin-RevId: 615705456 | 14 March 2024, 09:35:22 UTC |
| 9436b62 | juerg | 14 March 2024, 07:30:27 UTC | Remove leading zero in RSA public keys in JWK set conversion. The "n" value is currently encoded as minimal two's complement encoding, which may have a leading zero. But the standard doesn't allow this, it should always use the unsigned minimal encoding: https://datatracker.ietf.org/doc/html/rfc7518#section-6.3.1.1 PiperOrigin-RevId: 615679568 | 14 March 2024, 07:31:52 UTC |
| 43c17d4 | juerg | 13 March 2024, 14:54:11 UTC | Add Benchmark tests for PRFs in Golang. BenchmarkComputePRF/HMAC_SHA256_PRF_16-8 285105 3884 ns/op 528 B/op 5 allocs/op BenchmarkComputePRF/HMAC_SHA256_PRF_16k-8 19966 59463 ns/op 528 B/op 5 allocs/op BenchmarkComputePRF/HMAC_SHA512_PRF_16-8 256862 4397 ns/op 768 B/op 5 allocs/op BenchmarkComputePRF/HMAC_SHA512_PRF_16k-8 28039 42464 ns/op 768 B/op 5 allocs/op BenchmarkComputePRF/HKDF_SHA256_16-8 133785 8502 ns/op 1361 B/op 15 allocs/op BenchmarkComputePRF/HKDF_SHA256_16k-8 18424 65048 ns/op 1361 B/op 15 allocs/op BenchmarkComputePRF/AES_CMAC_PRF_16-8 3682260 323.0 ns/op 48 B/op 3 allocs/op BenchmarkComputePRF/AES_CMAC_PRF_16k-8 10000 114050 ns/op 48 B/op 3 allocs/op PiperOrigin-RevId: 615416650 | 13 March 2024, 14:55:35 UTC |
| cebe5e7 | ambrosin | 13 March 2024, 11:22:19 UTC | Add missing gRPC deps Also upgrade protobuf to 25.3 in java_src/ PiperOrigin-RevId: 615364375 | 13 March 2024, 11:23:36 UTC |
